- August 23, 2023
- May 31, 2023
- March 1, 2023
- February 16, 2023
- February 1, 2023
- January 18, 2023
Meet Your Host
Bill is the Vice President of Global Compliance for Archive360. Bill brings more than 29 years of experience with multinational corporations and technology start-ups, including 19-plus years in the archiving, information governance, and eDiscovery markets. Bill is a frequent speaker at legal and information governance industry events and has authored numerous eBooks, articles and blogs.
- Evolution of Compliance Officer Role: They discuss the historical background of compliance officers and how guidelines from 1991 emphasized effective compliance programs. The Caremark case in 1996 established the duty of directors to oversee compliance risks, including information systems and red flags.
- Recent Changes: They delve into a recent Caremark case that extends compliance responsibilities to corporate officers, not just directors. This means the CEO and CCO now share company-wide compliance duties.
- DOJ's Influence: The US Department of Justice's guidance is shaping compliance expectations, emphasizing a culture of compliance, empowering officers to raise concerns, and prioritizing ethics over profit.
- Data transfer and the uncertainty around how companies can legally transfer data across borders, around the world, and particularly in Europe, to be compliant with data protection laws.
- The new role of the DPO (Data Protection Officer) mandated under the GDPR, the DPO's roles and responsibilities, and their background requirements.
- How AI will play a role in governance and the new programs the IAPP is launching to help privacy professionals manage this new AI world.
In this episode, Priya Keshav, CEO of Meru Data, discusses the effects of the explosion of privacy legislation on corporations. This episode also discusses:
- Whether the approach to regulatory compliance can be simplified by using one set of regulations as the "golden standard"
- Reasonable data security: how it is defined and who enforces those requirements
- The proposed federal privacy legislation and whether it will pre-empt the current state privacy laws
- Why there is no single set of data privacy requirements that serves as the "golden standard", like the GDPR or CCPA, whereby complying with one set of laws will equal compliance with all other US states' legislation. Each new set of data privacy laws has its own nuances and exemptions.
- The staggering amount of money organizations will spend (up to $100B per year) having to comply with multiple state requirements - including additional reiterations of existing states' data privacy laws.
- How the most efficient way for an organization to respond to a data subject's access request is by centralizing and syncing all the organization's data in a single repository.
- The upcoming Canadian Privacy Laws (C27) and how they align with other countries' privacy regulations.
- How the law is split into three parts: a modernization of current Canadian laws (PIPEDA), a tribunal component, and how AI will affect the collection of data.
- What the rights of private citizens will be to have their PII deleted.